Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

liferay

5 Products 68 CVEs

CVE Severity Distribution (All Time)

Critical
24
High
7
Medium
34
Low
2

Timeline Overview

Last 30 Days 0 CVEs
Last 6 Months 0 CVEs
Last Year 7 CVEs

Products

View all

portal

63 Versions 67 CVEs

dxp

105 Versions 66 CVEs

digital_experience_platform

12 Versions 5 CVEs

liferay_portal

6 Versions 2 CVEs

liferay_enterprise_portal

2 Versions 1 CVE

Recent CVEs

View all
CVE-2023-37940 MEDIUM 6 months ago

Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA thro…

CVE-2024-11993 UNKNOWN 6 months ago

Reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.38, and Liferay DXP 7.4 GA through update 38 allows remote a…

CVE-2024-38002 CRITICAL 7 months, 4 weeks ago

The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA th…

CVE-2024-26273 HIGH 7 months, 4 weeks ago

Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4.0 through 7.4.3.103, and Liferay DXP 2023.Q4.0 throu…

CVE-2024-26272 HIGH 7 months, 4 weeks ago

Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and Liferay DXP 2023.Q4.0 throu…

CVE-2024-8980 CRITICAL 7 months, 4 weeks ago

The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through u…

CVE-2024-26271 HIGH 7 months, 4 weeks ago

Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and Liferay DXP 2023.Q4.0 thro…